[openstack-dev] [OSSG] SSL Review (Clark, Robert Graham)
Paul McMillan
paul.mcmillan at nebula.com
Tue Oct 30 17:06:03 UTC 2012
_______________________________________
From: stuart.mclaren at hp.com [stuart.mclaren at hp.com]
For the client side I'd lean towards the httplib + pyopenssl combination
which allows ssl compression to be disabled (for performance), allows
custom ssl verification, and doesn't have the httplib2 retry issues
_______________________________________
I strongly encourage the consideration of the requests library, primarily because it has a sane API [1] which encourages developers to do the right thing. If you've ever written any httplib2 code, you'll know exactly what I'm talking about. Requests works consistently and properly with SSL and TLS out of the box, and is quite actively maintained/developed.
If we had to choose something other than requests, I agree that httplib + pyopenssl is a reasonable choice. httplib2 has got to go.
-Paul
[1] http://docs.python-requests.org/
More information about the OpenStack-dev
mailing list